# The formal specification and derivation of CMOS-circuits 

## Citation for published version (APA):

Mak, R. H. (1985). The formal specification and derivation of CMOS-circuits. (Computing science notes; Vol. 8501). Technische Hogeschool Eindhoven.

## Document status and date:

Published: 01/01/1985

## Document Version:

Publisher's PDF, also known as Version of Record (includes final page, issue and volume numbers)

## Please check the document version of this publication:

- A submitted manuscript is the version of the article upon submission and before peer-review. There can be important differences between the submitted version and the official published version of record. People interested in the research are advised to contact the author for the final version of the publication, or visit the DOI to the publisher's website.
- The final author version and the galley proof are versions of the publication after peer review.
- The final published version features the final layout of the paper including the volume, issue and page numbers.
Link to publication


## General rights

Copyright and moral rights for the publications made accessible in the public portal are retained by the authors and/or other copyright owners and it is a condition of accessing publications that users recognise and abide by the legal requirements associated with these rights.

- Users may download and print one copy of any publication from the public portal for the purpose of private study or research.
- You may not further distribute the material or use it for any profit-making activity or commercial gain
- You may freely distribute the URL identifying the publication in the public portal.

If the publication is distributed under the terms of Article 25 fa of the Dutch Copyright Act, indicated by the "Taverne" license above, please follow below link for the End User Agreement:
www.tue.nl/taverne

## Take down policy

If you believe that this document breaches copyright please contact us at:
openaccess@tue.nl
providing details and we will investigate your claim.

# The Formal Specification <br> and Derivation of CMOS-circuits 

by

Rudolf H. Mak

85/01

## COMPUTING SCIENCE NOTES

> This is a series of notes of the Computing Science Section of the Department of Mathematics and Computing Science of Eindhoven University of Technology. Since many of these notes are preliminary versions or may be published elsewhere, they have a limited distribution only and are not for review. Copies of these notes are available from the author or the editor.

```
Eindhoven University of Technology
Department of Mathematics and Computing Science
P.O. Box 513
5600 MB EINDHOVEN
The Netherlands
All rights reserved
editor: M.L. Potters
```

Rudolf H. Mak<br>Department of Mathematics and Computing Science, Eindhoven University of Technology,<br>P. O. Box 513, 5600 MB Eindhoven, The Netherlands.


#### Abstract

A programming notation for CMOS-circuits is given. With each circuit a Boolean expression is associated that specifies the logic properties of the circuit. Circuits are designed in a hierarchical fashion and rules are given to derive the logic properties of a composite circuit from the logic properties of its subcomponents. Combinational circuits and sequential circuits are treated in a uniform fashion.


## 1. Introduction

The task of designing a circuit is, or should become, very similar to the task of designing a program. Ideally, one would like to describe a circuit in some "high level" language, in which the designer needs to be concerned with the functional aspects of his design only, and is not burdened with the physics underlying the constituting components, nor with the problem of their layout on the chip. Hence, just like programs, we would like to be able to derive circuits from their formal specifications. We show that this can be achieved by postulating two rules, the substitution rule described in section 3 , and the elimination rule described in section 4.

## 2. CMOS-circuits and their notation

A CMOS-circuit can conveniently be thought of as consisting of a collection of ports connected by a network of switches and wires. For a discussion of CMOS-switches we refer to [1]. Our interest is in circuits that consist of a hierarchy of components. In order to facilitate the reasoning about such circuits we shall require that the network connecting the ports of a component and its subcomponents consists solely of wires. Hence the switches become the basic components, that form the bottom level of the hierarchy. Components communicate signals through their ports. Notice that the same signal may be communicated through several distinct ports, which then have to be connected. This connection may exist either inside or outside the component. How many ports there are per signal, and whether connections are realized inside or outside the component are clearly concerns for an implementation. In this paper we shall not address this question, but we shall describe components in terms of signals.

We introduce a programming notation to specify and describe CMOS--components. In this notation adescription of a component consists of - a heading, stating the name of the component, and the names and types of the external signals by which the component communicates with its environment

- a local network, stating the subcomponents and a list of "connections" between the signals of the component, i.e. the external signals of the component and the external signals of its subcomponents, which are called the internal signals
- a Boolean expression, denoting the logic relation the component establishes between the external signals.

A specification of a component consists of a heading and a Boolean expression only. Notice that a specification describes the logic function of a component; the order in which the signals change their values is left unspecified.

The set of Boolean values is denoted by $B=\{z e r o, o n e\}$. The Boolean operators negation, conjunction, disjunction, equivalence, and implication are denoted by the symbols ', $\wedge, \vee, \equiv$, and $\Rightarrow$, respectively

As an example we describe our basic components: the switches. There are two kinds of switches. A normally-off switch denoted by

```
com switchl ( a , x : in , y : out) ;
    a\longrightarrowx=y
moc}{a\wedgey\equiva|x
```

and a normally-on switch denoted by

```
com switch0 ( a , x : in , y : out) ;
    a'\longrightarrowx=y
moc { a'^ ^ \equiv a'^x }
```

There are two types of signals: input signals (indicated by in), and output signals (indicated by out). The local network of a switch is special, since it contains no subcomponents and states a conditional connection between the signals $x$ and $y$. Switches are the only components with conditional connections in their local network. The shape of the local network for other components is described in the next section.

## 3. Substitution rule

For any component other than a switch the local network contains various subcomponents. The connection pattern between the ports is given by an equivalence relation upon the signals of which there are three kinds: (i) the external signals, (ii) the internal signals, (iii) the constant signals zero and one. The equivalence classes are called nets and all signals in a net are assumed to have the same value. This assumption is captured by the

## Substitution rule

Let $E$ be a Boolean expression and let $p$ and $q$ be two signals from the same net. Then $E_{q}^{P}$ and $E$ are equivalent, where $E_{q}^{P}$ is the expression obtained from $E$ when all occurrences of $p$ are replaced by $q$. The equivalence relation is denoted by the infix operator $=$, pronounced as "is connected with". Nets are denoted by listing a sufficient number of pairs of equivalent signals. For instance the net $\{a, b, c\}$ can be denoted by
(i) $\quad \mathrm{a}=\mathrm{b}, \mathrm{b}=\mathrm{c}$
(ii) $a=b, a=c$
(iii) $a=c, b=c$
(iv) $\quad a=b, b=c, a=c$

Notice that a net specified by (i), for instance, may be realized by wires connecting the port(s) for signal a with the port(s) for signals $b$ and $c$. Therefore we introduce yet another notation for nets, that avoids to suggest any implementation, and that is more concise. In this notation net $\{a, b, c\}$ is denoted by
(v) $\quad a=b=c$

Thus the local network of a component consists of a list of declarations of subcomponents and a list of all nets.

The occurrence of two external input signals in the same net is forbidden, since it makes two signals of the environment equivalent; the occurrence of two external output signals in the same net indicates a superfluous output signal; the occurrence of two external signals of different type in the same net indicates a superfluous connection. Therefore we impose upon components the following

## Syntactic restriction

Each net contains at most one external signal.

In the remainder of this section we demonstrate how the substitution rule is used to prove the correctness of components. Consider a selector specified by

```
com selector (a , x0 , xl : in , y : out)
```

moc $\left\{y \equiv a^{\prime} \wedge x 0 \vee a \wedge x 1\right\}$

From the specification we derive by means of propositional calculus that a selector can be composed of two switches of opposite kind. In this and further derivations the equality sign between Boolean expressions means that the expressions immediate before and after the sign are equivalent. Between brackets a hint is given why this is so.

```
    y ミ a'^ x0 v a ^ xl
= {propositional calculus}
```



```
= {propositional calculus}
    (a'^y \equiv a' ^ (a'^ x0 \vee a ^ xl)) ^
    (a\wedgey \equiv a ^ (a'^ x0 \vee a ^ xl))
={propositional calculus}
(a'\wedge y \equiv a'^ ^0) ^ (a\wedge y \equiv a ^ xl)
Internal signals of a component are denoted as follows. Let \(s\) be the name of a subcomponent, and \(e\) the name of one of its external signals. Then s.e is the name of the corresponding internal signal. With this notational convention we are able to give a program for the selector
```

```
com selector ( a , x0 , xl : in , y : out) ;
    sub s0 : switch0 { s0.a' ^ s0.y \equiv s0.a'^ s0.x } ;
            sl : switchl {sl.a^sl.y \equiv sl.a^sl.x };
    x0 = s0.x, x1 = sl.x,
    a = s0.a = sl.a,
    y=s0.y=s1.y
moc {y \equiv a'^ ^0 \vee a ^ xl }
```

The correctness proof consists of an application of the substitution rule and the derivation given above, i.e.

```
    (s0.a'^s0.y \equiv s0.a'^s0.x) ^ (sl.a^sl.y \equiv sl.a^sl.x)
= {substitution rule}
    (a'\wedgey \equiv a'^ (a0) ^ (a\wedge y \equiv a ^ x1)
= {propositional calculus}
    y \equiv a'^ x0 v a ^ xl
```

Another example of a component that can be proved correct by means of the substitution rule is an inverter.

```
com inverter ( a : in , y : out) ;
    sub s : selector {s.y \equiv s.a'^ s.x0 \vee s.a ^ s.xl };
    one = s.x0 , zero = s.xl,
    a = s.a, y = s.y
moc {y \equiv a'}
```

In the previous examples the substitution rule is sufficient to prove the correctness of components, since each net contains an external signal. In the case of components with nets that consist entirely of internal signals we need an additional rule.

## 4. Elimination rule

Consider the Boolean expression that specifies a component. It may be viewed as an equation in the external signals of the component. The solutions of this equation are called stable external signal configurations. The remaining configurations are called unstable external signal configurations. There is an obvious mechanistic appreciation of stable and unstable configurations. Any mechanism for a component that ob-
serves an unstable configuration shall try to reach a stable configuration by changing some of its output signals. Thereafter it remains in rest until it is brought into an unstable configuration by a change of an input signal initiated by its environment. From this mechanistic appreciation we conclude that for any assignment to the signals such that each subcomponent is in a stable configuration, the component itself is in a stable configuration. As a consequence of the substitution rule we only have to assign values to the external signals and one value per net that consists of internal signals only. Hence we introduce the following rule

## Elimination rule

Let $C$ be a component with $n \geq 1$ subcomponents specified by the Boolean expressions $E_{i}, 0 \leq i<n$. Moreover, let there be $m \geq 0$ nets $N_{j}, 0 \leq j<m$, with internal signals only. Then $C$ satisfies the Boolean expression

$$
\left(\exists p_{0}, \ldots, p_{m-1}: p_{0}, \ldots, p_{m-1} \in B: E\right)
$$

where $E$ is the conjunction of all $E_{i}$, with for $0 \leq j<m$ each signal in net $N_{j}$ replaced by $P_{j}$.

We remark that in the case $m=0$ the elimination rule yields the conjunction of all $E_{i}, 0 \leq \dot{i}<n$. As such it has already been used to prove the selector correct.

The following example illustrates the application of the elimination rule in a non-trivial case (i.e. m>0).

```
com and (a0 , al : in , y : out) ;
    sub s0 , sl : selector { (s0.y \equiv s0.a' ^ s0.x0 v s0.a ^ s0.xl)
    ^(sl.y \equiv sl.a'^ sl.x0 \vee sl.a^ sl.xl) };
    zero = s0.x0 = sl.x0,
    a0 = s0.a , al = sl.a ,
    one = s0.xl , s0.y = sl.xl , s1.y = y
moc{y \equiva0^al}
```

This component contains one net with internal signals only, viz. the net $\{s 0 . y, s l . x 1\}$. Application of the elimination rule yields the Boolean expression
( $3 \mathrm{p}: \mathrm{p} \in \mathrm{B}: ~\left(\mathrm{p} \equiv \mathrm{s} 0 . \mathrm{a}^{\prime} \wedge \mathrm{s} 0 . \mathrm{x} 0 \vee \mathrm{~s} 0 . \mathrm{a} \wedge \mathrm{s} 0 . \mathrm{x} 1\right) \wedge$

Moreover,

$$
\left.\begin{array}{rl}
(\exists \mathrm{p}: \mathrm{p} \in \mathrm{~B}: & \left(\mathrm{p} \equiv \mathrm{~s} 0 . \mathrm{a}^{\prime} \wedge \mathrm{s} 0 . \mathrm{x} 0 \vee \mathrm{~s} 0 . \mathrm{a} \wedge \mathrm{~s} 0 . \mathrm{xl}\right) \wedge \\
& \left(\mathrm{s} 1 . \mathrm{y} \equiv \mathrm{sl} \cdot \mathrm{a}^{\prime} \wedge \mathrm{sl} . \mathrm{x} 0 \vee \mathrm{~s} 1 . \mathrm{a} \wedge \mathrm{p}\right)
\end{array}\right)
$$

$=$ \{substitution rule\}
$(\exists \mathrm{p}: \mathrm{p} \in \mathrm{B}:(\mathrm{p} \equiv \mathrm{a} 0) \wedge(\mathrm{y} \equiv \mathrm{al} \wedge \mathrm{p}))$
$=$ \{predicate calculus'\}
( $\exists \mathrm{p}: \mathrm{p} \in \mathrm{B}: \mathrm{p} \equiv \mathrm{a} 0) \wedge(\mathrm{y} \equiv \mathrm{al} \wedge \mathrm{a} 0)$
$=\{$ predicate calculus $\}$
$y \equiv a 0 \wedge a l$

This completes the correctness proof for the and-component. In the next two sections we discuss some more examples.

## 5. A component with a precondition

Some components require a restriction on the input signals in order to meet their specification. An example of such a component is a Set-Reset f1ipflop. An SR-flipflop is specified by

```
com srff (s,r : in , y , z : out)
moc}{(z\equiv\mp@subsup{y}{}{\prime})\wedge(s=>y)^(r=>z)
```

Observe that each stable external signal configuration satisfies $\mathrm{s} \wedge \mathrm{r} \equiv$ zero. Since both s and r are input signals, we can prove the correctness of an SR-flipflop only under the restriction that the environment meets the specification $s \wedge r \equiv$ zero. In our notation we add such a specification for the environment as a precondition to our component. We shall now prove the following version of an SR-flipflop to be correct.

```
{s^r \equiv zero }
com srff ( s , r : in , y , z : out) ;
        sub i0 , il : inverter { (i0.y \equiv i0.a').^ (il.y \equiv il.a')};
        & s0 , sl : selector { (s0.y \equiv s0.a' ^ s0.x0 \vee s0.a ^ s0.xl)
            ^(sl.y \equiv sl.a'^ sl.x0 v sl.a^^ sl.x1)};
        zero = s0.xl = sl.xl ,
        s = s0.a , s0.y = i0.a , i0.y = s1.x0 = y ,
        r = sl.a, sl.y = il.a , il.y = s0.x0 = z
moc {(z \equiv y') ^(s # y) ^ (r g z)}
```

According to the elimination rule this component satisfies

```
( \(\exists \mathrm{p}, \mathrm{q}: \mathrm{p}, \mathrm{q} \in \mathrm{B}:\left(\mathrm{i} 0 . \mathrm{y} \equiv \mathrm{p}^{\prime}\right) \wedge\) (il.y \(\left.\equiv \mathrm{q}^{\prime}\right) \wedge\)
\(\left(p \equiv s 0 . a^{\prime} \wedge\right.\) s0.x0 \(\vee\) s0.a \(\wedge\) s0.x1) \(\wedge\)
\(\left(\mathrm{q} \equiv \mathrm{sl} . \mathrm{a}^{\prime} \wedge \mathrm{s} 1 . \mathrm{x} 0 \vee \mathrm{sl} . \mathrm{a} \wedge \mathrm{sl} . \mathrm{x} 1\right)\) )
```

$=$ \{substitution rule $\}$
( $\exists \mathrm{p}, \mathrm{q}: \mathrm{p}, \mathrm{q} \in \mathrm{B}:\left(\mathrm{y} \equiv \mathrm{p}^{\prime}\right) \wedge\left(\mathrm{z} \equiv \mathrm{q}^{\prime}\right) \wedge$
$\left.\left(p \equiv s^{\prime} \wedge z\right) \wedge\left(q \equiv r^{\prime} \wedge y\right) \quad\right)$
$=$ \{predicate calculus $\}$
( $\exists \mathrm{p}, \mathrm{q}: \mathrm{p}, \mathrm{q} \in \mathrm{B}:\left(\mathrm{y} \equiv \mathrm{p}^{\prime}\right) \wedge\left(\mathrm{z} \equiv \mathrm{q}^{\prime}\right)$ ) $\wedge$
$\left(y^{\prime} \equiv s^{\prime} \wedge z\right) \wedge\left(z^{\prime} \equiv r^{\prime} \wedge y\right)$
$=\{p r e d i c a t e ~ c a l c u l u s\}$
( $y^{\prime} \equiv s^{\prime} \wedge z$ ) $\wedge\left(z^{\prime} \equiv r^{\prime} \wedge y\right)$
$=$ \{predicate calculus\}
$\left(y \vee\left(s^{\prime} \wedge z\right)\right) \wedge\left(y^{\prime} \vee s \vee z^{\prime}\right) \wedge\left(z \vee\left(r^{\prime} \wedge y\right)\right) \wedge\left(z^{\prime} \vee r \vee y^{\prime}\right)$
$=$ \{predicate calculus\}
$\left(y^{\prime} \vee z^{\prime} \vee(s \wedge r)\right) \wedge(y \vee z) \wedge\left(y \vee s^{\prime}\right) \wedge\left(z \vee r^{\prime}\right)$
$=\{$ precondition $\mathbf{s} \wedge \mathbf{r} \equiv$ zero $\}$
$\left(\left(y^{\prime} \vee z^{\prime}\right) \wedge(y \vee z)\right) \wedge\left(y \vee s^{\prime}\right) \wedge\left(z \vee r^{\prime}\right)$
$=$ \{predicate calculus\}
$\left(z \equiv y^{\prime}\right) \wedge(s \Rightarrow y) \wedge(r \Rightarrow z)$

## 6. A recursively defined component

A tally circuit of order $n \geq 0$ is a component that has $n$ inputs and $n+1$ outputs. The i-th output signal has value one if and only if precisely i input signals have value one. Formally a tally circuit of order $n$ is a component that computes the function $T_{n}: B^{n} \longrightarrow B^{n+1}$, defined by

$$
\begin{aligned}
& T_{0}=\text { one } \\
& T_{n+1}\left(x_{n}\right)=\left\{\begin{array}{ll}
\left(T_{n}\left(x_{n-1}\right), \text { zero }\right) & \text { if } x_{n}=\text { zero } \\
\left(\text { zero, } T_{n}\left(x_{n-1}\right)\right) & \text { if } x_{n}=\text { one }
\end{array}, n \geq 0\right.
\end{aligned}
$$

where $X_{-1}$ is the 0-dimensional vector, and for $n \geq 0, X_{n}=\left(X_{n-1}, x_{n}\right)$ is an $n+1$-dimensional vector of Boolean values. Let $y_{i}$ be the $i-t h$ coordinate of the vector $T_{n+1}\left(X_{n}\right), 0 \leq i \leq n+1$, and let $t_{j}$ be the $j$-th coordinate of $T_{n}\left(X_{n-1}\right), 0 \leq j \leq n$. Then

$$
\begin{aligned}
& y_{0}=t_{0} \wedge x_{n}^{\prime} \vee \operatorname{zero} \wedge x_{n}, \\
& y_{i}=t_{i} \wedge x_{n}^{\prime} \vee t_{i-1} \wedge x_{n}, 1 \leq i \leq n \\
& y_{n+1}=\operatorname{zero} \wedge x_{n}^{\prime} \vee t_{n} \wedge x_{n} .
\end{aligned}
$$

Obviously a tally circuit of order $n+1$ can be composed of a tally circuit of order $n$ and $n+2$ selectors, one for each output signal $y_{i}, 0 \leq i \leq n+1$. With an extension of our notation, that allows parametrized components, "rows" of signals, "rows" of subcomponents, and a concise way to denote a large number of connections, we are able to denote this component by

```
    com tally(0) ( y : [0..0]out) ;
        one \(=y[0]\)
    \(\underline{\operatorname{moc}\left\{y \equiv T_{0}\right\}}\)
```

and for $\mathfrak{n} \geq 0$

```
com tally \((n+1)(x:[0 . . n]\) in \(, y:[0 \ldots n+1]\) out \() ;\)
    sub \(t: \operatorname{tally}(n)\left\{t \cdot y \equiv T_{n}(t . x)\right\} ;\)
        \(s:[0 . . n+1] s e l e c t o r\{(\forall i: 0 \leq i \leq n+1:\)
            \(\left.\left.s[i] . y \equiv s[i] . a^{\prime} \wedge s[i] . x 0 \vee s[i] . a \wedge s[i] . x 1\right)\right\} ;\)
    zero \(=s[0] \cdot x]=s[n+1] \cdot x 0\)
    all \(i: 0 . . n-1: x[i]=t . x[i]\) 1la,
    a11 \(i\) : 0..n : t.y[i] \(=s[i] . x 0=s[i+1] . x 1\) 11a,
    al1 \(i=0 . . n+1: x[n]=s[i] . a, y[i]=s[i] . y 11 a\)
\(\underline{\operatorname{moc}}\left\{y \equiv T_{n+1}(x)\right\}\)
```

The proof is left to the reader.

## 7. Concluding remarks

The notation in this paper is an extension of the notation for restoring logic circuitry in CMOS proposed in [1]. We therefore believe that, just as is demonstrated in [1] and also in [2], it is possible to design restoring logic circuits by imposing syntactic restrictions on the nets of components. Besides the switches and the selector all components in this paper are restoring according to the rules of [2].

The notation introduced in this paper is also a good starting point for the automatic generation of layouts (see [3]). Due to the hierarchical nature of the programs, simple placement and routing strategies should suffice to generate layouts with a high degree of regularity.

A circuit is best described by its behaviour, i.e. all possible sequences of signals it accepts and produces. This can be done for instance by means of traces [4] or by means of Petri nets [5].

The logic properties of a circuit can then be derived from its behaviour. Decomposition of circuits in terms of their behaviours, however, is much harder than decomposition on the logic level. We expect that logic decomposition can serve as a guide in decomposing the behaviours of circuits.

## Acknowledgements

This work has benefitted from many discussions in the Eindhoven VLSI Club. The author wishes to thank its members for their comments and for providing a stimulating environment.

## References

[1] Rem, M. and C. Mead, "A notation for designing restoring logic circuitry in CMOS", Proc. 2nd Caltech Conference on VLSI, ed. Seitz, C.L., California Institute of Technology, Pasadena, Calif., 1981.
[2] Rem, M., "On the design of restoring logic circuitry", Proc. Advanced Course on VLSI Architecture, eds. Rande11 and Treleaven, University of Bristol, Prentice Hall International, 1982.
[3] Lierop, M.L.P. van, "A flexible bottom-up approach for layout generation", THE-Memorandum, Eindhoven University of Technology, Eindhoven, 1984.
[4] Snepscheut, J.L.A. van de, "Trace theory and VLSI design", Ph.D. thesis,Eindhoven University of Technology, Eindhoven, 1983.
[5] Molnar, C.E. and T. Fang, "An asynchronous system design methodology", Technical Memorandum No. 287, Washington University, St Louis, Missouri, 1981.

In this series appeared:
Nr. Author (s) Title

